package com.security2.demo.controller;


import com.security2.demo.domain.ReturnInfo;
import com.security2.demo.utils.SecurityConstants;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 访问路径
 */
@RestController
public class BrowserSecurityController {

    /**
     * 当需要身份认证的时候，跳转到这里
     *
     * @param request  request
     * @param response response
     * @return String
     * @throws IOException IOException
     */
    @RequestMapping(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
    @ResponseStatus(code = HttpStatus.UNAUTHORIZED)
    public ReturnInfo requireAuthentication(HttpServletRequest request, HttpServletResponse response) throws IOException {
        return new ReturnInfo("访问的服务器需要身份认证，请引导用户到登录页面");
    }

    /**
     * session失效跳转
     * @return
     */
    @GetMapping(SecurityConstants.DEFAULT_SESSION_INVALID_URL)
    @ResponseStatus(code = HttpStatus.UNAUTHORIZED)
    public ReturnInfo sessionInvalid() {
        return new ReturnInfo("session失效");
    }
}
